Firewall enabling confusion.
Shaun T. Erickson
ste at ste-land.com
Fri Feb 27 12:43:18 PST 2004
Warren Block wrote:
> On Fri, 27 Feb 2004, Shaun T. Erickson wrote:
>
>
>>Thanks! Yes, the ipfw.ko module is getting loaded. So now I just need to
>>know how to enable things like divert and logging.
>
>
> /etc/rc.firewall has examples.
I looked at that. That's not what I mean. :) I mean, if I do not have to
build a new kernel to enable firewalling, logging and divert, then how
do I enable them, such that the following line from my messages file
would show that they have been enabled?
Adding firewall_enable="YES" to rc.conf caused the ipfw module to be
loaded, enabling firewalling. Adding firewall_logging="YES" did *not*
enable logging in the message file line shown below. How do I do that?
How would I get that line to show divert as being enabled? I may be
wrong (correct me if I am, please), but doesn't that line have to show
them as enabled, before I can successfully make use of them in ipfw
commands like those you pointed me to in rc.firewall? What if I want
that line to report that the default is open, instead of deny?
Feb 27 14:37:22 peter kernel: ipfw2 initialized, divert disabled,
rule-based forwarding enabled, default to deny, logging disabled
-ste
More information about the freebsd-questions
mailing list